Tagged Questions

(or substitution boxes), components in many block ciphers used to substitute parts of the data in a non-linear way. While often fixed by the algorithm (like in DES and AES), sometimes they are key-dependent (like in Blowfish).

I'm new in cryptography and try to read some articles in this field.
Many of these articles talk about non-linear S-boxes, and nothing more on what they mean by their non-linearity.
I have a simple ...

Why is there a requirement of "Non-Linear functions" as a component of many popular block ciphers (e.g. the S-box in DES or 3DES)?
How does it make the cipher more secure?
The only intuition I have ...

What desirable properties should an S-box have?
My current standard selection process is to just pick them at random and verify that they fit the following criteria:
The probability that any random ...

What are the disadvantages of using random s-boxes?
In AES, the s-boxes had to obey certain mathematical rules, which? And why?
What security does using hidden s-boxes (GOST) or generating them from ...

So, as an exercise to greater understand some things about cryptography, I decided to try and implement GOST 28147-89, which uses eight 4x4 S-Boxes. I can grasp the concept of putting 4 bits through ...

I'm trying to understand how the AES S-Boxes are calculated. I understand how the multiplicative inverse is calculated over GF(2^8), but I'm confused by the description of the affine transformation. I ...

The following was going through my brain for the past week. If my thoughts are generally known to the cryptographic community would someone provide a link or two. Even if I’m making a classic newbie ...

I have been reading up on the polynomial representation of the AES Sbox (PDF: “Essential Algebraic Structure Within the AES” by Murphy and Robshaw) and I can't get it to produce the correct output.
...

Consider the following simple cipher:
$$c_1 = S(m_1 \oplus k_1) \oplus k_2$$
Where $S$ is S-box, $m_1$ - 16-bit plain text, $k_1$ and $k_2$ is two parts of 16-bit key.
If S-box is standard then this ...

As far as I know, performing differential or linear cryptanalysis always requires a knowledge of the S-boxes' content and order. Yet in Bruce Schneier's Applied Cryptography, it is stated that random ...

I would like to know, how to calculate the inverse S-box.
I followed this
link (with affine transformation first, then multiplicative inverse), but the result is wrong. For example, if I use the value ...

While studying the design and the desirable properties of an AES S-box , I came to know that Algebraic Complexity is also an important property of an S-box which is usually considered while evaluating ...

Are there different versions of CAST-256 - also known as CAST6 - available? Are there different S-Boxes available for CAST-256? If there are different versions or S-Boxes what identifier should I use ...

I've thought up a way to represent the transformation of S-Box in DES by ANF. Let
$x_i\;(1\le i\le 6)$ be the input of an S-Box,
$y_i\;(1\le i\le 4)$ be the output, for example, then
$$y_1= 1\oplus ...

Is it possible for two different half-block inputs to the DES F-function, with the same round subkey, to produce the same output?
That is, if we feed two different half-block inputs $b_1$ and $b_2$ ...

I am struggling to understand how to calculate non-linearty of an s-box, could someone show me a detailed example?
I found this question which helped a little, but I still didn't get it, if someone ...

I work on an exercise and I have to study functions as : $ f : \mathbb{F}_q \rightarrow \mathbb{F}_q$ with $q = 2^n$ which can define a S-Box for SP-Networks.
There is a question that I can't answer ...